CVE-2017-8779

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.

References

http://openwall.com/lists/oss-security/2017/05/03/12

http://openwall.com/lists/oss-security/2017/05/04/1

http://www.debian.org/security/2017/dsa-3845

http://www.securityfocus.com/bid/98325

http://www.securitytracker.com/id/1038532

https://access.redhat.com/errata/RHBA-2017:1497

https://access.redhat.com/errata/RHSA-2017:1262

https://access.redhat.com/errata/RHSA-2017:1263

https://access.redhat.com/errata/RHSA-2017:1267

https://access.redhat.com/errata/RHSA-2017:1268

https://access.redhat.com/errata/RHSA-2017:1395

https://github.com/drbothen/GO-RPCBOMB

https://github.com/guidovranken/rpcbomb/

https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/

https://security.gentoo.org/glsa/201706-07

https://security.netapp.com/advisory/ntap-20180109-0001/

https://usn.ubuntu.com/3759-1/

https://usn.ubuntu.com/3759-2/

https://www.exploit-db.com/exploits/41974/

Details

Source: MITRE

Published: 2017-05-04

Updated: 2019-10-03

Type: CWE-770

Risk Information

CVSS v2

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:rpcbind_project:rpcbind:*:*:*:*:*:*:*:* versions up to 0.2.4 (inclusive)

Configuration 2

OR

cpe:2.3:a:libtirpc_project:libtirpc:*:*:*:*:*:*:*:* versions up to 1.0.1 (inclusive)

Configuration 3

OR

cpe:2.3:a:ntirpc_project:ntirpc:*:*:*:*:*:*:*:* versions up to 1.4.3 (inclusive)

Tenable Plugins

View all (58 total)

IDNameProductFamilySeverity
150436Ubuntu 16.04 LTS : rpcbind vulnerability (USN-4986-2)NessusUbuntu Local Security Checks
high
150420Ubuntu 18.04 LTS : rpcbind vulnerability (USN-4986-1)NessusUbuntu Local Security Checks
high
140963EulerOS Virtualization for ARM 64 3.0.6.0 : libtirpc (EulerOS-SA-2020-2015)NessusHuawei Local Security Checks
high
137980EulerOS Virtualization 3.0.6.0 : rpcbind (EulerOS-SA-2020-1761)NessusHuawei Local Security Checks
high
137032EulerOS 2.0 SP5 : rpcbind (EulerOS-SA-2020-1614)NessusHuawei Local Security Checks
high
136270EulerOS Virtualization for ARM 64 3.0.2.0 : rpcbind (EulerOS-SA-2020-1567)NessusHuawei Local Security Checks
high
127338NewStart CGSL MAIN 4.05 : libtirpc Vulnerability (NS-SA-2019-0106)NessusNewStart CGSL Local Security Checks
high
127326NewStart CGSL MAIN 4.05 : rpcbind Vulnerability (NS-SA-2019-0100)NessusNewStart CGSL Local Security Checks
high
121697Photon OS 1.0: Rpcbind PHSA-2017-0017NessusPhotonOS Local Security Checks
high
121696Photon OS 1.0: Libtirpc PHSA-2017-0017NessusPhotonOS Local Security Checks
high
117331Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : libtirpc vulnerabilities (USN-3759-1)NessusUbuntu Local Security Checks
high
111866Photon OS 1.0: Freetype2 / Libtirpc / Rpcbind PHSA-2017-0017 (deprecated)NessusPhotonOS Local Security Checks
high
101635Fedora 26 : libtirpc (2017-57e8f5ec61)NessusFedora Local Security Checks
high
101609Fedora 26 : rpcbind (2017-36cba32910)NessusFedora Local Security Checks
high
101471Virtuozzo 6 : libtirpc / libtirpc-devel (VZLSA-2017-1268)NessusVirtuozzo Local Security Checks
high
101470Virtuozzo 6 : rpcbind (VZLSA-2017-1267)NessusVirtuozzo Local Security Checks
high
101467Virtuozzo 7 : libtirpc / libtirpc-devel (VZLSA-2017-1263)NessusVirtuozzo Local Security Checks
high
101466Virtuozzo 7 : rpcbind (VZLSA-2017-1262)NessusVirtuozzo Local Security Checks
high
101359Slackware 14.2 / current : rpcbind (SSA:2017-191-02)NessusSlackware Local Security Checks
high
101358Slackware 14.2 / current : libtirpc (SSA:2017-191-01)NessusSlackware Local Security Checks
high
100716RHEL 6 / 7 : Storage Server (RHSA-2017:1395)NessusRed Hat Local Security Checks
high
100696EulerOS 2.0 SP2 : rpcbind (EulerOS-SA-2017-1103)NessusHuawei Local Security Checks
high
100695EulerOS 2.0 SP1 : rpcbind (EulerOS-SA-2017-1102)NessusHuawei Local Security Checks
high
100690EulerOS 2.0 SP2 : libtirpc (EulerOS-SA-2017-1097)NessusHuawei Local Security Checks
high
100689EulerOS 2.0 SP1 : libtirpc (EulerOS-SA-2017-1096)NessusHuawei Local Security Checks
high
100650GLSA-201706-07 : Libtirpc and RPCBind: Denial of ServiceNessusGentoo Local Security Checks
high
100642Amazon Linux AMI : rpcbind (ALAS-2017-841)NessusAmazon Linux Local Security Checks
high
100641Amazon Linux AMI : libtirpc (ALAS-2017-840)NessusAmazon Linux Local Security Checks
high
100569SUSE SLES11 Security Update : libtirpc, rpcbind (SUSE-SU-2017:1468-1)NessusSuSE Local Security Checks
high
100447openSUSE Security Update : rpcbind (openSUSE-2017-615)NessusSuSE Local Security Checks
high
100399OracleVM 3.3 / 3.4 : libtirpc (OVMSA-2017-0108)NessusOracleVM Local Security Checks
high
100398OracleVM 3.3 / 3.4 : rpcbind (OVMSA-2017-0107)NessusOracleVM Local Security Checks
high
100373Scientific Linux Security Update : rpcbind on SL6.x i386/x86_64 (20170523)NessusScientific Linux Local Security Checks
high
100372Scientific Linux Security Update : libtirpc on SL6.x i386/x86_64 (20170523)NessusScientific Linux Local Security Checks
high
100371RHEL 6 : libtirpc (RHSA-2017:1268)NessusRed Hat Local Security Checks
high
100370RHEL 6 : rpcbind (RHSA-2017:1267)NessusRed Hat Local Security Checks
high
100369Oracle Linux 6 : libtirpc (ELSA-2017-1268)NessusOracle Linux Local Security Checks
high
100368Oracle Linux 6 : rpcbind (ELSA-2017-1267)NessusOracle Linux Local Security Checks
high
100366openSUSE Security Update : libtirpc (openSUSE-2017-608)NessusSuSE Local Security Checks
high
100359CentOS 6 : libtirpc (CESA-2017:1268)NessusCentOS Local Security Checks
high
100358CentOS 6 : rpcbind (CESA-2017:1267)NessusCentOS Local Security Checks
high
100348Scientific Linux Security Update : rpcbind on SL7.x x86_64 (20170521)NessusScientific Linux Local Security Checks
high
100347Scientific Linux Security Update : libtirpc on SL7.x x86_64 (20170521)NessusScientific Linux Local Security Checks
high
100342Oracle Linux 7 : libtirpc (ELSA-2017-1263)NessusOracle Linux Local Security Checks
high
100341Oracle Linux 7 : rpcbind (ELSA-2017-1262)NessusOracle Linux Local Security Checks
high
100327CentOS 7 : libtirpc (CESA-2017:1263)NessusCentOS Local Security Checks
high
100326CentOS 7 : rpcbind (CESA-2017:1262)NessusCentOS Local Security Checks
high
100318RHEL 7 : libtirpc (RHSA-2017:1263)NessusRed Hat Local Security Checks
high
100317RHEL 7 : rpcbind (RHSA-2017:1262)NessusRed Hat Local Security Checks
high
100309Fedora 25 : libtirpc (2017-44d0e642a4)NessusFedora Local Security Checks
high
100291SUSE SLED12 / SLES12 Security Update : rpcbind (SUSE-SU-2017:1336-1)NessusSuSE Local Security Checks
high
100289SUSE SLED12 / SLES12 Security Update : rpcbind (SUSE-SU-2017:1328-1)NessusSuSE Local Security Checks
high
100244SUSE SLED12 / SLES12 Security Update : libtirpc (SUSE-SU-2017:1314-1)NessusSuSE Local Security Checks
high
100241SUSE SLED12 / SLES12 Security Update : libtirpc (SUSE-SU-2017:1306-1)NessusSuSE Local Security Checks
high
100196Fedora 25 : rpcbind (2017-ac407781c3)NessusFedora Local Security Checks
high
100109Debian DLA-937-1 : rpcbind security updateNessusDebian Local Security Checks
high
100108Debian DLA-936-1 : libtirpc security updateNessusDebian Local Security Checks
high
100029Debian DSA-3845-1 : libtirpc - security updateNessusDebian Local Security Checks
high